Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D1218C4A8CBF11ED8112584CC4F9AE02.roa
File: D1218C4A8CBF11ED8112584CC4F9AE02.roa (raw, json)
Hash identifier: l/rlLvLsO04x8TEztwI0R1KmAy51iXLEbbGg5GC9wMU=
Subject key identifier: 90:93:EB:7B:5B:C7:70:15:D7:6A:B5:2B:1A:47:77:60:E4:CE:E8:E8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6296
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D1218C4A8CBF11ED8112584CC4F9AE02.roa
Signing time: Thu 05 Jan 2023 06:11:40 +0000
ROA not before: Thu 05 Jan 2023 06:11:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133001
IP address blocks: 43.225.160.0/22 maxlen: 24
43.251.216.0/22 maxlen: 24
45.117.220.0/22 maxlen: 24
45.119.44.0/24 maxlen: 24
45.119.45.0/24 maxlen: 24
45.119.46.0/24 maxlen: 24
45.119.47.0/24 maxlen: 24
103.38.36.0/22 maxlen: 24
103.51.132.0/24 maxlen: 24
103.51.133.0/24 maxlen: 24
103.51.134.0/24 maxlen: 24
103.51.135.0/24 maxlen: 24
103.54.76.0/24 maxlen: 24
103.54.77.0/24 maxlen: 24
103.114.0.0/22 maxlen: 23
103.114.2.0/23 maxlen: 24
103.116.147.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.140.26.0/24 maxlen: 24
103.140.27.0/24 maxlen: 24
103.165.68.0/24 maxlen: 24
103.165.69.0/24 maxlen: 24
103.176.210.0/24 maxlen: 24
103.176.211.0/24 maxlen: 24
103.187.123.0/24 maxlen: 24
103.196.76.0/22 maxlen: 24
103.201.148.0/22 maxlen: 24
103.239.168.0/24 maxlen: 24
103.239.169.0/24 maxlen: 24
103.239.170.0/24 maxlen: 24
103.239.171.0/24 maxlen: 24
111.125.225.0/24 maxlen: 24
157.119.202.0/24 maxlen: 24
183.87.251.0/24 maxlen: 24
183.87.252.0/22 maxlen: 24
202.94.160.0/22 maxlen: 24
2401:b240::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25238 (0x6296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 5 06:11:40 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63b66a1b-47eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a5:e5:39:3e:3e:7e:8c:75:e2:f2:06:30:34:
68:34:82:d0:12:db:f7:91:50:60:e9:9d:1a:30:41:
5b:45:cd:f5:e5:87:fc:1d:b6:8d:fe:4e:86:06:b9:
45:95:09:aa:c3:4c:04:7b:69:4b:3f:e9:cc:e9:98:
3b:70:9f:b2:3d:1f:17:1f:10:07:ab:e3:54:0b:fe:
d6:4f:ab:3b:05:93:b8:17:08:d3:aa:37:35:5d:19:
5a:b8:e6:ef:b0:7b:e0:cd:cb:00:58:bb:52:07:9f:
37:e6:b1:b4:7f:eb:64:68:0c:0e:8e:09:e1:04:72:
48:24:5a:d5:93:6c:c4:68:b9:6f:b0:05:1b:7a:30:
23:60:d4:58:b1:1c:22:64:66:f2:9b:eb:80:36:21:
42:4f:d0:77:d3:c2:a1:e0:a6:16:ce:81:b8:69:27:
cc:a7:a7:3d:3b:d2:7b:41:9b:02:8c:b2:5f:11:3d:
93:6a:65:5f:95:b3:1a:24:72:88:1d:ab:fb:46:90:
80:2a:a5:ee:9f:0d:41:7d:14:f3:1a:b7:26:9c:75:
4b:e4:2b:22:31:e4:b8:68:31:33:dc:79:fb:3b:04:
0b:35:7b:ae:ef:c2:15:4b:fa:9c:9e:93:b9:41:63:
a2:c3:53:c1:6c:25:f0:b0:e3:dc:25:b2:74:6d:96:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:93:EB:7B:5B:C7:70:15:D7:6A:B5:2B:1A:47:77:60:E4:CE:E8:E8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D1218C4A8CBF11ED8112584CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.160.0/22
43.251.216.0/22
45.117.220.0/22
45.119.44.0/22
103.38.36.0/22
103.51.132.0/22
103.54.76.0/23
103.114.0.0/22
103.116.147.0/24
103.133.116.0/24
103.140.26.0/23
103.165.68.0/23
103.176.210.0/23
103.187.123.0/24
103.196.76.0/22
103.201.148.0/22
103.239.168.0/22
111.125.225.0/24
157.119.202.0/24
183.87.251.0-183.87.255.255
202.94.160.0/22
IPv6:
2401:b240::/32
Signature Algorithm: sha256WithRSAEncryption
4d:67:0e:da:70:f0:d9:a3:5f:89:9d:eb:7b:00:b4:38:c8:bd:
cf:86:49:85:be:50:47:be:bd:c8:ae:f2:ee:ed:8e:13:87:44:
b3:fd:9c:79:b0:77:48:f4:b7:f4:04:83:50:e7:e6:68:c2:1c:
1a:1f:27:aa:6b:0b:fd:e1:df:1d:83:99:c0:da:4a:c8:6b:67:
18:b0:6f:e7:6c:f8:87:c0:37:f2:2f:d0:16:1f:6f:1b:da:ba:
6b:7a:d5:dd:0c:e4:ac:91:47:ab:b9:9b:24:41:e0:64:5f:90:
de:92:12:80:ee:0e:8b:4b:e8:39:67:18:33:3c:96:90:2c:54:
fd:95:e9:37:dc:76:8e:a5:a1:e1:71:90:e9:15:68:32:2e:1d:
0c:94:6d:19:45:61:2c:c6:f6:01:14:d1:56:09:62:4f:de:79:
f4:d2:23:64:d3:27:0e:ae:bd:a5:26:74:db:99:9d:a3:31:c0:
2e:ab:70:73:46:fa:11:93:bb:b3:ac:64:a8:ce:d7:3b:e8:2a:
b9:31:41:f9:15:d6:45:15:34:a6:5f:52:e9:6e:b9:39:25:6a:
77:1d:42:af:f8:c7:0d:60:33:9e:32:c7:d4:15:62:8a:39:4b:
fc:b1:ce:0b:07:8e:46:8a:97:33:66:43:4b:c7:0e:8a:58:a2:
33:59:11:cd
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICYpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTA1MDYxMTQwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I2NmExYi00N2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzqXlOT4+fox14vIGMDRoNILQEtv3kVBg6Z0aMEFbRc315Yf8HbaN/k6GBrlF
lQmqw0wEe2lLP+nM6Zg7cJ+yPR8XHxAHq+NUC/7WT6s7BZO4FwjTqjc1XRlauObv
sHvgzcsAWLtSB5835rG0f+tkaAwOjgnhBHJIJFrVk2zEaLlvsAUbejAjYNRYsRwi
ZGbym+uANiFCT9B308Kh4KYWzoG4aSfMp6c9O9J7QZsCjLJfET2TamVflbMaJHKI
Hav7RpCAKqXunw1BfRTzGrcmnHVL5CsiMeS4aDEz3Hn7OwQLNXuu78IVS/qcnpO5
QWOiw1PBbCXwsOPcJbJ0bZY/IQIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFJCT63tb
x3AV12q1KxpHd2DkzujoMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDEyMThDNEE4
Q0JGMTFFRDgxMTI1ODRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGMBAIAATCBhQMEAivhoAMEAiv72AMEAi113AMEAi13LAMEAmcmJAME
AmczhAMEAWc2TAMEAmdyAAMEAGd0kwMEAGeFdAMEAWeMGgMEAWelRAMEAWew0gME
AGe7ewMEAmfETAMEAmfJlAMEAmfvqAMEAG994QMEAJ13yjALAwQAt1f7AwMDt1AD
BALKXqAwDQQCAAIwBwMFACQBskAwDQYJKoZIhvcNAQELBQADggEBAE1nDtpw8Nmj
X4md63sAtDjIvc+GSYW+UEe+vciu8u7tjhOHRLP9nHmwd0j0t/QEg1Dn5mjCHBof
J6prC/3h3x2DmcDaSshrZxiwb+ds+IfAN/Iv0BYfbxvaumt61d0M5KyRR6u5myRB
4GRfkN6SEoDuDotL6DlnGDM8lpAsVP2V6Tfcdo6loeFxkOkVaDIuHQyUbRlFYSzG
9gEU0VYJYk/eefTSI2TTJw6uvaUmdNuZnaMxwC6rcHNG+hGTu7OsZKjO1zvoKrkx
QfkV1kUVNKZfUuluuTklancdQq/4xw1gM54yx9QVYoo5S/yxzgsHjkaKlzNmQ0vH
DopYojNZEc0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:52:04 2025 by rpki-client